Race Condition in glib2.0

Do your applications use this vulnerable package? Test your applications

Overview

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

References

CVE Details
Debian Security Announcement
Debian Security Tracker
Fedora Security Update
MISC
Netapp Security Advisory
REDHAT
SUSE
Ubuntu CVE Tracker
Ubuntu Security Advisory
Ubuntu Security Advisory

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

CVE: CVE-2019-12450
CWE: CWE-276 CWE-362
Snyk ID: SNYK-DEBIAN8-GLIB20-348021
Disclosed: 29 May, 2019
Published: 29 May, 2019

Race Condition
Affecting glib2.0 package, versions <2.42.1-1+deb8u1

Overview

References

CVSS Score

Race Condition Affecting glib2.0 package, versions <2.42.1-1+deb8u1

Overview

References

Race Condition
Affecting glib2.0 package, versions <2.42.1-1+deb8u1